ARP: Address Resolution Protocol
Computer Network System
Sirak Kaewjamnong
1
IP and MAC Address
• Stations need to know MAC address to communicate
• Hardware MAC address
– Ethernet 6 bytes
– Token ring 2 or 6 bytes
– FDDI 2 or 6 bytes
• How does IP address get mapped to MAC address?
– Manual configuration by hand is tedious
– automatic process by ARP
2
ARP Protocol
• RFC 826 address resolution protocol
• ARP map any network level address (such as IP) to its
corresponding data link address (such as Ethernet)
• support protocol in data link layers, not data link layer
protocol
3
ARP in Operation
• Host A want to resolve MAC address of C
– A sends broadcast ARP request
– A gets unicast ARP reply from C
Who has IP
172.28.80.25?
A
172.28.80.5
No, not me
Me with
00:F4:DF:80:4C:52
B
C
D
172.28.80.25
172.28.80.35
172.28.80.15
Ohm..No, not me
4
ARP datagrams
Frame header
ARP/RARP message
0
15 16
Hardware type: 16
hlen :8
Datalink frame
31
Protocol type :16
plen : 8
ARP operation
Sender MAC address (bytes 0-3)
Sender MAC address (bytes 4-5) Sender IP address (bytes 0-1)
Sender IP address (bytes 2-3)
Dest MAC address (bytes 0-1)
Destination MAC address (bytes 2-5)
Destination IP address (bytes 0-3)
5
Header details
•
•
•
•
•
Hardware type : Ethernet = 1, ARCnet = 7, localtalk = 11
Protocol type : IP = 0X800
hlen : length of hardware address, Ethernet = 6 bytes
plen : length of protocol address, IP = 4 bytes
ARP operation : ARP request = 1, ARP reply = 2,
RARP request =3 RARP reply =4
6
ARP Request Packet
IP 172.28.80.96
MAC 00:50:BA:49:9D:B9
Sample ARP request Ethernet packet
FF:FF:FF:FF:FF
00:50:BA:49:9D:B9
0x0806
0x01
0x06
0x800
0x04
0x001
00:50:BA:49:9D:B9
172.28.80.96
00:00:00:00:00:00
172.28.80.100
Checksum
IP 172.28.80.100
MAC ?
Dest MAC (broadcast)
Source MAC
ARP frame type
Ethernet / IP
MAC=6 / IP = 4 / request
Source MAC
Source IP
Dest MAC (unknow)
Dest IP
Ethernet checksum
7
ARP Reply Packet
IP 172.28.80.96
MAC 00:50:BA:49:9D:B9
Sample ARP request Ethernet packet
00:50:BA:49:9D:B9
00:02:7A:D2:B3:00
0x0806
0x01
0x06
0x04
0x800
0x002
00:02:7A:D2:B3:00
172.28.80.100
00:50:BA:49:9D:B9
172.28.80.96
Checksum
IP 172.28.80.100
MAC 00:02:7A:D2:B3:00
Dest MAC (unicast)
Source MAC
ARP frame type
Ethernet / IP
MAC=6 / IP = 4 / reply
Source MAC
Source IP
Dest MAC
Dest IP
Ethernet checksum
8
ARP Mechanism
• Each node maintains the ARP cache
– It first looks in the cache to find entry first
– if the entry is not used for a period (approximate 15 minutes), it
is delete
• Receive node can adds an MAC address entry for source
station in its own cache
• ARP traffic load
– hosts quickly add cache entries
– all of hosts on a subnet are booted at the same time? Flurry of
ARP request and reply
9
Proxy ARP
• One node answer ARP request for another: Router R
answers for Y
X
IP 172.28.80.96
MAC 00:50:BA:49:9D:B9
Y
IP 172.28.100.100
MAC 00:02:7A:D2:B3:00
R
X to Y request -->
<--R send 172.28.100.100 IP 172.28.80.1
MAC 00:50:BA:49:00:BB
with 00:50:BA:49:00:BB
Router
• useful when some nodes on a network cannot support
subnet
– X do not understand subnet, so it thinks that Y is on the same
subnet
• Router must be configured to be a proxy ARP
10
RARP
•
•
•
•
Reverse ARP : map MAC address to IP address
for device that cannot store IP, usually diskless workstations
Need to set up server with RARP table
Use the same frame format
– 0x0835 for Ethernet RARP request
– operation 0x003 = RARP request 0x004 = RARP reply
• RARP can not operate across router , BOOTP is more spread
11